Server.js

1. const express = require('express');
2. const path = require('path');
3. const bodyParser = require('body-parser');
4.  
5. const index = require('./routes/index');
6. const users = require('./routes/users');
7.  
8. // passport jwt
9. var _ = require("lodash");
10. var jwt = require('jsonwebtoken');
11. var passport = require("passport");
12. var passportJWT = require("passport-jwt");
13. var JwtStrategy = require('passport-jwt').Strategy,
14.     ExtractJwt = require('passport-jwt').ExtractJwt;
15.  
16. var listOfUsers = [
17.   {
18.     id: 1,
19.     name: 'jonathanmh',
20.     password: '%2yx4'
21.   },
22.   {
23.     id: 2,
24.     name: 'test',
25.     password: 'test'
26.   }
27. ];
28.  
29. var jwtOptions = {}
30. jwtOptions.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken();
31. jwtOptions.secretOrKey = 'secret';
32. jwtOptions.issuer = 'accounts.examplesoft.com';
33. jwtOptions.audience = 'yoursite.net';
34.  
35. passport.use(new JwtStrategy(jwtOptions, function(jwt_payload, done) {
36.  
37.   var user = listOfUsers[_.findIndex(listOfUsers, {id: jwt_payload.id})];
38.   if (user) {
39.     return done(null, user);
40.   } else {
41.     return done(null, false);
42.     // or you could create a new account
43.   }
44. }));
45.  
46. var app = express();
47. app.use(passport.initialize());
48.  
49. app.use(bodyParser.urlencoded({
50.   extended: true
51. }));
52. app.use(bodyParser.json())
53.  
54.  
55. app.post("/login", function(req, res) {
56.   if(req.body.name && req.body.password){
57.     var name = req.body.name;
58.     var password = req.body.password;
59.   }
60.   // usually this would be a database call:
61.   var user = listOfUsers[_.findIndex(listOfUsers, {name: name})];
62.   if (user===undefined) {
63.     console.log("sorry, can't find user!");
64.     res.status(401).json({message:"sorry, can't find user!"});
65.   }
66.   if( ! user ){
67.     console.log({message: "no such user found"});
68.     res.status(401).json({message:"no such user found"});
69.   }
70.   if(user.password === req.body.password) {
71.     var payload = {id: user.id};
72.     var token = jwt.sign(payload, jwtOptions.secretOrKey);
73.     res.json({message: "ok", payload: payload, token: token});
74.     console.log("token is:" + token + " payload id is:" + payload.id);
75.     //res.redirect('/profile');
76.   } else {
77.     console.log("passwords did not match");
78.     res.status(401).json({message:"passwords did not match"});
79.   }
80. });
81.  
82. app.get("/profile", passport.authenticate('Bearer', { session: false }), function(req, res){
83.   res.json({message: "User profile. Success! You can not see this without a token"});
84. });
85.  
86. app.get("/secretDebug",
87.   function(req, res, next){
88.     console.log(req.get('Authorization'));
89.     next();
90.   }, function(req, res){
91.     res.json("debugging");
92. });
93. // passport jwt
94.  
95.  
96. const port = 3000;
97. //const app = express();
98.  
99. app.set('views', path.join(__dirname, 'views'));
100. app.set('view engine', 'ejs');
101. app.engine('html', require('ejs').renderFile);
102.  
103. //app.use(bodyParser.json());
104. //app.use(bodyParser.urlencoded({ extended: false }));
105.  
106. app.use(express.static(__dirname + '/client/dist/'));
107.  
108. app.use('/', index);
109. app.use('/api', users);
110.  
111. app.listen(port, function(){
112.   console.log('Server is running on port ' +port);
113. });